After a standard system upgrade you need to restart any Java applications to effect the necessary changes.

Details follow:

Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in OpenJDK. (CVE-2009-2409)
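To find certificates that the MD2 change affects, the following added example (not OpenJDK code and not part of the original advisory) reads the outer signatureAlgorithm OID of a DER-encoded certificate and flags md2WithRSAEncryption. The function names and the sample certificate skeletons are constructed for illustration and carry no valid signature.

```python
# Added example: audit helper, not OpenJDK code. Sample certificates are constructed.
MD2_WITH_RSA = bytes.fromhex("2a864886f70d010102")     # OID 1.2.840.113549.1.1.2
SHA256_WITH_RSA = bytes.fromhex("2a864886f70d01010b")  # OID 1.2.840.113549.1.1.11


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:end], end


def signature_oid(cert_der):
    """Return the encoded OID of Certificate.signatureAlgorithm."""
    tag, cert, _ = read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _tbs, pos = read_tlv(cert, 0)   # skip tbsCertificate
    tag, alg, _ = read_tlv(cert, pos)  # AlgorithmIdentifier follows it
    if tag != 0x30:
        raise ValueError("signatureAlgorithm is not a SEQUENCE")
    tag, oid, _ = read_tlv(alg, 0)
    if tag != 0x06:
        raise ValueError("missing algorithm OID")
    return oid


def uses_md2(cert_der):
    """True when the certificate's signature algorithm is MD2 with RSA."""
    return signature_oid(cert_der) == MD2_WITH_RSA


def der(tag, body):
    """Encode one DER element (used only to build the constructed samples)."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    hdr = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + hdr + body


def sample_cert(oid):
    """Constructed skeleton: placeholder TBS, chosen OID, dummy signature bits."""
    alg = der(0x30, der(0x06, oid) + b"\x05\x00")
    return der(0x30, der(0x30, b"\x02\x01\x01") + alg + der(0x03, b"\x00" + b"\xaa" * 128))
```

Run `uses_md2` over the DER bytes of each certificate in a chain or trust store; a PEM file must be base64-decoded first.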

It was discovered that ICC profiles could be identified with ".." pathnames. If a user were tricked into running a specially crafted applet, a remote attacker could gain information about a local system. (CVE-2009-3728)

Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. If a user were tricked into running a specially crafted applet, a remote attacker could crash the application or run arbitrary code with user privileges. (CVE-2009-3869, CVE-2009-3871)

Multiple flaws were discovered in JPEG and BMP image handling. If a user were tricked into loading a specially crafted image, a remote attacker could crash the application or run arbitrary code with user privileges. (CVE-2009-3873, CVE-2009-3874, CVE-2009-3885)

Multiple flaws were discovered in ASN.1 parsing. A remote attacker could send a specially crafted HTTP stream that would exhaust system memory and lead to a denial of service. (CVE-2009-3876, CVE-2009-3877)

It was discovered that the graphics configuration subsystem did not correctly handle arrays. If a user were tricked into running a specially crafted applet, a remote attacker could exploit this to crash the application or execute arbitrary code with user privileges. (CVE-2009-3879)

It was discovered that loggers and Swing did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2009-3880, CVE-2009-3882, CVE-2009-3883)

It was discovered that the ClassLoader did not correctly handle certain options. If a user were tricked into running a specially crafted applet, a remote attacker could execute arbitrary code with user privileges. (CVE-2009-3881)

It was discovered that time zone file loading could be used to determine the existence of files on the local system. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2009-3884)